CN102067147A - Verification key handling - Google Patents

Verification key handling

Info

Publication number: CN102067147A
Authority: CN (China)
Prior art keywords: verification key, constraint portion, verification, parent, key
Legal status: Granted
Application number: CN2009801236856A
Other languages: Chinese (zh)
Other versions: CN102067147B (en)
Inventors: J-E·埃克伯格, M·基兰帕
Current Assignee: Nokia Technologies Oy
Original Assignee: Nokia Oyj

Application filed by Nokia Oyj
Publication of CN102067147A
Application granted
Publication of CN102067147B
Legal status: Active
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F 21/31 User authentication
    • G06F 21/33 User authentication using certificates
    • G06F 21/335 User authentication using certificates for accessing specific resources, e.g. using Kerberos tickets

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F 21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 2221/2105 Dual mode as a secondary aspect

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 2221/2145 Inheriting rights or properties, e.g., propagation of permissions or restrictions within a hierarchy

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 2221/2149 Restricted operating environment

Abstract

A method, an apparatus, and a computer program product for enabling verification key handling are disclosed. Said handling is enabled by receiving a verification key including an identifier of the parent verification key of the verification key (40), wherein the verification key comprises a constraint portion; determining whether the constraint portion of the verification key corresponds to the constraint portion of the parent verification key (41); associating, in case the constraint portion of the verification key corresponds to the constraint portion of the parent verification key, the verification key with a particular state update (43); and storing the verification key associated with the particular state update (44).

Description

Verification key handling
Technical field
In brief, the present invention relates to trusted computing, and more specifically, but not exclusively, to verification key handling in trusted computing.
Background
A mobile phone of today is typically a computing platform running software and firmware provided by several vendors. For example, the device manufacturer configures the device with the software and/or firmware for operating the device's various components (for example the radio interface and the smart card reader module), while the application processor manufacturer provides the software and firmware related to processing on the application processor. In addition, the operating system and user applications may be provided by one or more software vendors.
There are factors that impose strict requirements on the security and integrity protection of a mobile computing platform and of the software and firmware running on it. For example, the use of radio frequencies is strictly regulated by the authorities. Another example is preventing a device from being hijacked, so that a mobile device cannot be used anonymously for malicious purposes. This means that the software running on a mobile device that operates as a computing platform needs to be controlled, so that, for example, unauthorized modification of the radio configuration parameters can be prevented.
The need for trusted computing on mobile devices has been addressed, for example, by the Mobile Trusted Module concept introduced by the Trusted Computing Group. In that concept, modifications to system configuration parameters can be controlled, for example, by a mobile trusted module running in a secure computing environment provided by the mobile device. Modifications to, for example, system configuration parameters and to parameters representing a particular state of a computer program module can be made by using Reference Integrity Metric (RIM) certificates. Requests to modify configuration and state parameters can be signed with a RIM certificate key, which the mobile trusted module issues, for example, to the participants authorized to make such modifications. If a participant holds a suitably issued and verified verification key, that participant can authorize any state change on the mobile device, including modifications that may compromise device security or cause the mobile device to operate in violation of regulations. In other words, in current mobile computing platforms the authority enjoyed by the holder of a suitable verification key cannot be appropriately limited.
Summary of the invention
The object of the invention is to solve at least some of the problems discussed above. According to a first aspect of the invention, a method is provided, comprising the steps of: receiving a verification key, the verification key comprising an identifier of the parent verification key of the verification key, wherein the verification key comprises a constraint portion; determining whether the constraint portion of the verification key corresponds to the constraint portion of the parent verification key; in case the constraint portion of the verification key corresponds to the constraint portion of the parent verification key, associating the verification key with a particular state update; and storing the verification key associated with the particular state update.
According to a second aspect of the invention, an apparatus is provided, comprising a processor configured to: receive a verification key, the verification key comprising an identifier of the parent verification key of the verification key, wherein the verification key comprises a constraint portion; determine whether the constraint portion of the verification key corresponds to the constraint portion of the parent verification key; and associate the verification key with a particular state update; the apparatus further comprising a memory configured to store the verification key associated with the particular state update.
According to a third aspect, a computer program embodied on a computer-readable medium is provided, the computer program comprising program code operable to be loaded into a memory of a computing device and executed on the computing device, the program code being configured to cause the computing device, when executed, to perform the following: receive a verification key, the verification key comprising an identifier of the parent verification key of the verification key, wherein the verification key comprises a constraint portion; determine whether the constraint portion of the verification key corresponds to the constraint portion of the parent verification key; in case the constraint portion of the verification key corresponds to the constraint portion of the parent verification key, associate the verification key with a particular state update; and store the verification key associated with the particular state update.
According to a fourth aspect, the invention provides an apparatus comprising: means for receiving a verification key, the verification key comprising an identifier of the parent verification key of the verification key, wherein the verification key comprises a constraint portion; means for determining whether the constraint portion of the verification key corresponds to the constraint portion of the parent verification key; means for associating the verification key with a particular state update; and means for storing the verification key associated with the particular state update.
Various exemplary embodiments of the invention are illustrated below in the detailed description and in the appended dependent claims. The embodiments are illustrated with reference to selected aspects of the invention. A person skilled in the art will appreciate that any embodiment of the invention may be applied to other aspects, individually or in combination with other embodiments.
Brief description of the drawings
The invention is described below, by way of example only, with reference to the accompanying drawings, in which:
Fig. 1 shows an overview of a trusted mobile platform on which an embodiment of the invention can be implemented;
Fig. 2 shows another overview of a trusted mobile platform on which an embodiment of the invention can be implemented;
Fig. 3 shows an overview of an apparatus on which an embodiment of the invention can be implemented;
Fig. 4 shows an example of a method according to an embodiment of the invention; and
Fig. 5 shows another example of a method according to an embodiment of the invention.
Detailed description
In the following description, like reference numerals denote like elements.
Referring to Fig. 1, it shows an overview of a trusted mobile platform on which an embodiment of the invention can be implemented. Fig. 1 shows three engines 100, 101, 102. Each engine may comprise a dedicated processor or a runtime environment with access to trusted resources. Each engine can run both trusted services and normal services. A trusted service is a service instantiated by using and modifying the trusted resources of a computing device (for example a mobile phone). A trusted resource is a resource whose integrity can be verified, for example by using a verification key.
The engine 100 of Fig. 1 may be configured to provide cellular services to the application service engine 101 via interface 114, for example the cellular protocol stack required to access a mobile communication network. The cellular service engine 100 may comprise a legacy cellular service module 105, a trusted service module 108 and a mobile trusted module 111. The cellular service module may use the services of the trusted service module 108 via application programming interfaces (APIs) 115 and 116, and the trusted service module 108 may in turn access the services of the mobile trusted module 111 via interface 120.
The application service engine 101 of Fig. 1 may be configured to provide application services (for example a book application service) to the user service engine 102 via interface 113. The application service engine 101 may comprise an application service module 104, a trusted service module 107 and a mobile trusted module 110. The application service module 104 may access the services of the trusted service module 107 via APIs 117 and 118, and the trusted service module 107 may in turn access the services of the mobile trusted module 110 via API 121.
The user service engine 102 may comprise a legacy user service module 103 (for example a web browser application), a trusted service module 106 and a mobile trusted platform module 109. The user service module 103 may access the services of the trusted service module 106 via interfaces 112 and 119, and the trusted service module 106 may access the services of the mobile trusted module 109 via interface 122.
Each of the engines 100, 101, 102 (which may be trusted engines) can be implemented in hardware, software, firmware or a combination thereof. The trusted service modules 106, 107, 108 may measure the configuration and functionality of the legacy service modules 103, 104, 105 and store the measurements in the mobile trusted modules 109, 110, 111 respectively.
Referring now to Fig. 2, it shows another overview of a trusted mobile platform on which an embodiment of the invention can be implemented. Fig. 2 shows engines 204, 205, 206, which correspond to the engines 100, 101, 102 of Fig. 1. Fig. 2 also shows the operating system 200 of the computing device and trusted service modules 201, 202, 203 (which correspond respectively to the trusted service modules 108, 107, 106 of Fig. 1). In the platform of Fig. 1, the trusted service modules 201, 202, 203 are implemented as services of the operating system 200. Fig. 2 also shows a distributed roots of trust module 207 and a root of trust for enforcement (RTE) module 208.
The engines 204, 205, 206 may be trusted engines started by means of secure start-up or secure boot. Secure boot of an engine may use a bootstrapping method, in which start-up begins with the initiation of a boot module whose integrity is guaranteed by the computing platform, for example by storing the first module of the boot chain in a secure memory location. Once the first module has started and is running, it starts and checks the next module in the secure boot chain.
The distributed roots of trust module 207 of Fig. 2 may comprise a root of trust for storage (RTS) module, a root of trust for verification (RTV) module and a root of trust for reporting (RTR) module. At least some combination of the distributed roots of trust module 207 together with the root of trust for enforcement (RTE) module 207 can be used to start a secure computing environment in which the mobile trusted module is loaded and initialized. The secure computing environment may be, for example, a processor memory. In Fig. 2, the operating system 200 may provide isolated secure execution environments, including processing and storage resources, for each instance of a mobile trusted module in the trusted engines 204, 205, 206.
The concepts of a mobile trusted module and a trusted mobile platform are described in detail, for example, in the Trusted Computing Group's TCG Mobile Trusted Module Specification, version 1.0, of 12 June 2007, and in the TCG Mobile Reference Architecture, version 1.0, of 12 June 2007.
Referring now to Fig. 3, it shows an overview of an apparatus 30 on which an embodiment of the invention can be implemented. The apparatus 30 of Fig. 3 comprises a processor 31 and a memory 32. Fig. 3 also shows a computer program 33 stored in the memory 32, which represents an example of a computer-readable medium and is operable to be loaded into the processor 31 and executed thereon.
The processor 31 may be, for example, a central processing unit (CPU), a microprocessor, a digital signal processor (DSP), a graphics processing unit, or the like. Fig. 3 shows one processor 31, but the apparatus 31 may comprise a plurality of processors. The apparatus 30 may comprise, for example, a baseband processor and an application processor.
The memory 32 may be, for example, a non-volatile or volatile memory, for example a read-only memory (ROM), a programmable read-only memory (PROM), an erasable programmable read-only memory (EPROM), a random-access memory (RAM), a flash memory, a data disk, an optical storage device, a magnetic storage device, a memory of a smart card such as a SIM or USIM card, or the like. The apparatus 30 may comprise a plurality of memories 32. The memory 32 may form part of the apparatus 30 or of the processor 31, or it may be inserted by the user into a slot, port or the like of the apparatus 30. The memory 32 may serve the sole purpose of storing data, or it may form part of a device serving other purposes (for example processing data).
Referring now to Fig. 4, it shows an example of a method according to an embodiment of the invention. In step 40, a verification key is received. The verification key may be received, for example, by a mobile trusted module (for example the mobile trusted module 109, 110, 111 of Fig. 1). The mobile trusted module may be represented, for example, by the computer program 33 of Fig. 3. The verification key may be, for example, a verification key used for authorizing and integrity-protecting Reference Integrity Metric (RIM) certificates, which are used to transfer and/or modify, during system start-up or afterwards, values representing a particular state of, for example, a software module, such as platform configuration register (PCR) values. Typically a RIM certificate contains the expected value of a state or configuration parameter, and RIM certificates may also be used to implement state transitions. RIM certificates and their use are discussed further in the TCG Mobile Trusted Module and Mobile Reference Architecture specifications.
If the verification key received in step 40 of Fig. 4 comprises a constraint portion, then in step 41 it is determined whether the constraint portion of the received verification key corresponds to the constraint portion of the parent verification key of the verification key.
If the received verification key is part of a verification key hierarchy, the verification key typically comprises an indication of its parent verification key. The mobile trusted module receiving the verification key may use this indication to build the verification key hierarchy and to identify the parent verification key of the received verification key. The constraint portion of a verification key may comprise a set of enabled state updates that defines the particular state updates. The set of enabled state updates may comprise at least one platform configuration register. The constraint portion of a verification key may impose a restriction on the use of the verification key for authorizing RIM certificates. For example, the constraint portion may indicate that RIM certificates signed with the verification key can only be used to authorize particular state changes during the secure boot process. If the verification key is used to sign a RIM certificate that attempts to modify a state not indicated in the constraint portion, the modification may not be authorized by the mobile trusted module. The indication of enabled state transitions may take the form of, for example, the PCR values whose modification may be authorized by the verification key in question.
The constraint portion of a verification key can be used to implement a hierarchy of verification keys, in which the scope of a verification key's authorization capability is limited to the scope of the authorization capability of its parent verification key, and in which a child key may have a narrower capability to authorize RIM certificates and state updates. For example, a parent key may comprise a constraint portion indicating that the parent key can be used to authorize updates to the values of PCRs 10 to 20. A child key of that parent key may then comprise a matching constraint portion, i.e. the constraint portion of the child key indicates that the child key can also be used to authorize modifications to PCRs 10 to 20. Another child key of the same parent key may comprise a constraint portion indicating that this other child key can be used to authorize modifications to, for example, PCRs 15 to 20.
If such a constrained trust hierarchy is established in the mobile trusted module, the mobile trusted module can determine in step 41 of Fig. 4 whether the constraint portion of the received verification key corresponds to the constraint portion of the parent verification key, that is, whether the constraint portion of the child verification key matches the constraint portion of the parent verification key or a subset of it. If the result of the determination (step 42) is that the constraint portion of the child verification key does not correspond to the constraint portion of the parent verification key, then in step 45 the mobile trusted module may reject the received verification key.
If in step 42 the mobile trusted module determines, in the manner described above, that the constraint portion of the received verification key corresponds to the constraint portion of the parent verification key, then in step 43 the mobile trusted module may register an association between the received verification key and the particular state update. The mobile trusted module may keep such registrations, for example, in a table or the like stored in, for example, the memory 32 of the apparatus 30 of Fig. 3. Once the association has been registered, the registered verification key can be used to authorize the state transition/update associated with the verification key.
The integrity of the isolated part of the memory 32 in which the verification keys and/or the registered associations are stored can be guaranteed by the root of trust for storage (RTS) module.
If the parent key of the verification key received in step 40 is the root key of the verification key hierarchy, the received key is compared against the root key. The mobile trusted module may receive the root key in a suitable manner during the secure boot process, when the mobile trusted module is instantiated, for example as the root verification authority identifier (RVAI) described in the TCG specifications cited above.
The received verification key may also comprise a signature portion, the received verification key having been signed with the parent verification key. The received verification key can then additionally be authenticated by checking the signature in the received verification key against the parent verification key.
Referring now to Fig. 5, it shows another example of a method according to an embodiment of the invention. In step 50, a state update certificate is received. The state update certificate may be received, for example, by a mobile trusted module (for example the mobile trusted module 109, 110, 111 of Fig. 1). The mobile trusted module may be represented, for example, by the computer program 33 of Fig. 3. The state update certificate may be a Reference Integrity Metric (RIM) certificate, which is used to transfer and/or modify, during system start-up, values representing a particular state of, for example, a software module, such as platform configuration register (PCR) values. Typically a RIM certificate contains the expected value of a state or configuration parameter, and RIM certificates may also be used to implement state transitions. RIM certificates and their use are discussed in detail in the TCG specifications cited above.
The state update certificate received in step 50 may request a particular state update, and it may be signed with a request verification key. In step 51 it is determined whether the request verification key corresponds to a stored verification key associated with the particular state update requested by the received state update certificate. For example, in step 51 the mobile trusted module may compare the request verification key with the verification keys that the mobile trusted module has received in the manner described above, stored, and associated with particular state transitions/updates. The request verification key may comprise a constraint portion that determines the type of state update certificate the request verification key can authorize. For example, the constraint portion may restrict the use of the request verification key to authorizing state update certificates that request the state updates determined by the constraint portion of the request verification key. Other state update certificates may not be authorized by the request verification key. For example, the constraint portion may restrict the authorization of state update certificates (for example RIM certificates) so that the request verification key can only be used to authorize state update certificates requesting changes to the platform configuration registers permitted by the constraint portion.
If the request verification key matches a stored verification key (step 52), the requested state update is allowed in step 53. If the keys do not match, the state update certificate is invalidated in step 52. For example, if a RIM certificate has been signed with a verification key that the mobile trusted module has associated with a particular modification of PCR values, the mobile trusted module may allow that particular modification of the PCR values stored and maintained by the mobile trusted module, in accordance with the received RIM certificate.
The requested state update may relate to a transition of the system from one state to another during secure start-up or boot. The state update certificate received in step 50 of Fig. 5 may represent, for example, a permitted or expected state of a computer program module during secure boot. The expected state or configuration of a computer program module may be, for example, a version of the computer program module.
The method, apparatus and computer program described here can be used, for example, to ensure that the correct version of a computer program module is loaded during secure boot. They can also be used to limit which participants are permitted to authorize the loading and execution of computer program modules and/or particular versions of modules. For example, an operating system kernel may be loaded into a secure computing environment under the control of a mobile trusted module. Before the OS kernel is loaded, the mobile trusted module can control the versions of the components loaded during start-up, so that an incorrect OS kernel is not loaded.
The foregoing description has provided, by way of non-limiting examples of particular implementations and embodiments of the invention, a full and informative description of the best mode presently contemplated by the inventors for carrying out the invention. It is, however, clear to a person skilled in the art that the invention is not limited to the details of the embodiments presented above, but can be implemented in other embodiments using equivalent means without departing from the characteristics of the invention.
Furthermore, some features of the above-described embodiments of the invention may be used to advantage without the corresponding use of other features. Accordingly, the foregoing description should be considered as merely illustrative of the principles of the invention and not as a limitation thereof. Hence, the scope of the invention is limited only by the appended patent claims.
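As an added illustration, not code from the patent or from Nokia, the following Python models the two procedures described above: the Fig. 4 key-registration check (steps 40 to 45, constraint portion equal to or a subset of the parent's) and the Fig. 5 state-update-certificate check (steps 50 to 53). The `MobileTrustedModule` class, the key identifiers, the PCR sets and the HMAC-SHA256 stand-in for the parent-key signature are assumptions made for this example; a real mobile trusted module would verify an asymmetric signature against the parent's public key.

```python
from __future__ import annotations

import hashlib
import hmac
from dataclasses import dataclass
from typing import Dict, FrozenSet, Optional


def _mac(secret: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 stands in for the parent-key signature (assumption, not the patent's scheme)."""
    return hmac.new(secret, data, hashlib.sha256).digest()


def _key_bytes(key_id: str, parent_id: str, constraint: FrozenSet[int]) -> bytes:
    """Canonical encoding of the key fields the parent signs over."""
    return f"{key_id}|{parent_id}|{sorted(constraint)}".encode()


def _cert_bytes(pcr_updates: FrozenSet[int]) -> bytes:
    """Canonical encoding of the state update a RIM certificate requests."""
    return f"rim|{sorted(pcr_updates)}".encode()


@dataclass(frozen=True)
class VerificationKey:
    key_id: str
    parent_id: Optional[str]     # None only for the root key
    constraint: FrozenSet[int]   # constraint portion: PCR indices the key may authorise
    secret: bytes                # signing material (stand-in for a private key)
    signature: bytes = b""       # parent's MAC over _key_bytes(...); empty for the root


@dataclass(frozen=True)
class RimCertificate:
    pcr_updates: FrozenSet[int]  # the particular state update being requested
    signer_id: str               # identifier of the request verification key
    signature: bytes


def issue_child(parent: VerificationKey, key_id: str,
                constraint: FrozenSet[int], secret: bytes) -> VerificationKey:
    """The parent key holder signs a child key; this happens outside the MTM."""
    sig = _mac(parent.secret, _key_bytes(key_id, parent.key_id, constraint))
    return VerificationKey(key_id, parent.key_id, constraint, secret, sig)


def issue_rim_certificate(key: VerificationKey, pcr_updates: FrozenSet[int]) -> RimCertificate:
    """A key holder signs a state update certificate requesting the given PCR changes."""
    return RimCertificate(pcr_updates, key.key_id, _mac(key.secret, _cert_bytes(pcr_updates)))


class MobileTrustedModule:
    """Holds the registered key hierarchy and the PCR set each key is associated with."""

    def __init__(self, root: VerificationKey) -> None:
        # The root key arrives during secure boot when the MTM is instantiated.
        self.keys: Dict[str, VerificationKey] = {root.key_id: root}

    def receive_key(self, key: VerificationKey) -> bool:
        """Fig. 4: True when the key is associated and stored, False when rejected (step 45)."""
        parent = self.keys.get(key.parent_id or "")
        if parent is None:
            return False  # parent not in the hierarchy, so the key cannot be placed
        expected = _mac(parent.secret, _key_bytes(key.key_id, parent.key_id, key.constraint))
        if not hmac.compare_digest(expected, key.signature):
            return False  # signature portion does not verify under the parent key
        # Steps 41/42: the constraint portion must equal, or be a subset of, the parent's.
        if not key.constraint <= parent.constraint:
            return False
        self.keys[key.key_id] = key  # steps 43/44: associate with its PCR set and store
        return True

    def receive_rim_certificate(self, cert: RimCertificate) -> bool:
        """Fig. 5: True when the requested state update is allowed (step 53)."""
        key = self.keys.get(cert.signer_id)
        if key is None:
            return False  # request key was never registered
        if not hmac.compare_digest(_mac(key.secret, _cert_bytes(cert.pcr_updates)), cert.signature):
            return False
        # Steps 51/52: the update must stay inside the PCR set associated with the key.
        return cert.pcr_updates <= key.constraint


def demo() -> Dict[str, bool]:
    """Constructed scenario mirroring the PCR 10-20 / PCR 15-20 example in the text."""
    root = VerificationKey("root", None, frozenset(range(24)), b"root-secret")
    mtm = MobileTrustedModule(root)
    parent = issue_child(root, "vendor", frozenset(range(10, 21)), b"vendor-secret")
    child_a = issue_child(parent, "child-a", frozenset(range(10, 21)), b"a-secret")
    child_b = issue_child(parent, "child-b", frozenset(range(15, 21)), b"b-secret")
    child_c = issue_child(parent, "child-c", frozenset(range(5, 13)), b"c-secret")
    forged = VerificationKey("forged", "vendor", frozenset({10}), b"x", b"\x00" * 32)
    results = {
        "vendor_registered": mtm.receive_key(parent),
        "child_a_registered": mtm.receive_key(child_a),    # matching constraint
        "child_b_registered": mtm.receive_key(child_b),    # proper subset
        "child_c_rejected": not mtm.receive_key(child_c),  # PCRs 5-9 exceed the parent
        "forged_rejected": not mtm.receive_key(forged),    # bad parent signature
    }
    results["pcr17_by_b_allowed"] = mtm.receive_rim_certificate(
        issue_rim_certificate(child_b, frozenset({17})))
    results["pcr12_by_b_denied"] = not mtm.receive_rim_certificate(
        issue_rim_certificate(child_b, frozenset({12})))
    results["unregistered_c_denied"] = not mtm.receive_rim_certificate(
        issue_rim_certificate(child_c, frozenset({10})))
    return results
```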

Claims (20)

1. A method comprising:
receiving a verification key, the verification key comprising an identifier of the parent verification key of the verification key, wherein the verification key comprises a constraint portion;
determining whether the constraint portion of the verification key corresponds to the constraint portion of the parent verification key;
in case the constraint portion of the verification key corresponds to the constraint portion of the parent verification key, associating the verification key with a particular state update; and
storing the verification key associated with the particular state update.
2. The method of claim 1, wherein the verification key further comprises a signature, and wherein the method further comprises:
authenticating the verification key by checking the signature comprised in the verification key against the parent verification key.
3. The method of claim 1, wherein determining whether the constraint portion of the verification key corresponds to the constraint portion of the parent verification key comprises: determining whether the constraint portion of the verification key forms a subset of the constraint portion of the parent verification key.
4. The method of claim 1, wherein determining whether the constraint portion of the verification key corresponds to the constraint portion of the parent verification key comprises: determining whether the constraint portion of the verification key matches the constraint portion of the parent verification key.
5. The method of claim 1, wherein the constraint portion comprises a set of enabled state updates defining the particular state update.
6. The method of claim 5, wherein the set of enabled state updates comprises at least one platform configuration register.
7. the method for claim 1 also comprises:
The state of the described particular state renewal of the request that receives is new authentication more, and described state more new authentication is signed by the requests verification key;
Determine that whether the described request authentication secret is corresponding to upgrading the related authentication secret of storing with described particular state; And
Corresponding to upgrading under the situation of the related authentication secret of storing, allow described particular state to upgrade in the described request authentication secret with described particular state.
8. method as claimed in claim 7, wherein said particular state are upgraded the conversion of described system from first state to second state during the clean boot of the system that is included in.
9. method as claimed in claim 8, wherein said state more new authentication are represented the state that allows during the clean boot of described system.
10. method as claimed in claim 9, wherein said state more new authentication comprise referential integrity tolerance certificate.
11. method as claimed in claim 7, wherein said requests verification key comprises restricted part, and it determines to use the more type of new authentication of state that the described request authentication secret confirms.
12. a device comprises:
Processor is configured to:
Receipt Validation key, described authentication secret comprise the identifier of father's authentication secret of described authentication secret, and wherein said authentication secret comprises restricted part;
Whether the restricted part of determining described authentication secret is corresponding to the restricted part of described father's authentication secret; And
Make described authentication secret upgrade related with particular state;
Described device further comprises:
Storer is configured to store with described particular state and upgrades related authentication secret.
13. device as claimed in claim 8, wherein said authentication secret further comprises signature, and wherein said processor further is configured to:
Compare with described father's authentication secret by the signature that will comprise in the described authentication secret, confirm described authentication secret.
14. device as claimed in claim 8, wherein said processor is configured to: whether constitute the subclass of the restricted part of described father's authentication secret by the restricted part of determining described authentication secret, whether the restricted part of determining described authentication secret is corresponding to the restricted part of described father's authentication secret.
15. device as claimed in claim 8, wherein said processor is configured to: whether be matched with the restricted part of described father's authentication secret by the restricted part of determining described authentication secret, whether the restricted part of determining described authentication secret is corresponding to the restricted part of described father's authentication secret.
16. device as claimed in claim 8, wherein said processor further is configured to:
The state of the described particular state renewal of the request that receives is new authentication more, and described state more new authentication is signed by the requests verification key;
Determine that whether the described request authentication secret is corresponding to upgrading the related authentication secret of storing with described particular state; And
Corresponding to upgrading under the situation of the related authentication secret of storing, allow described particular state to upgrade in the described request authentication secret with described particular state.
17. computer program of on computer-readable medium, realizing, described computer program comprises is operable as storer that is loaded into calculation element and the program code of carrying out that on calculation element described program code is configured to make calculation element to carry out following the operation when carrying out:
Receipt Validation key, described authentication secret comprise the identifier of father's authentication secret of described authentication secret, and wherein said authentication secret comprises restricted part;
Whether the restricted part of determining described authentication secret is corresponding to the restricted part of described father's authentication secret;
Under the situation of restricted part corresponding to the restricted part of described father's authentication secret of described authentication secret, make described authentication secret upgrade and be associated with particular state; And
Storage is upgraded related authentication secret with described particular state.
18. computer program as claimed in claim 13, wherein said authentication secret further comprises signature, and wherein said program code is further configured to making calculation element carry out following operation:
Compare with described father's authentication secret by the signature that will comprise in the described authentication secret, confirm described authentication secret.
19. computer program as claimed in claim 13, wherein said program code are further configured to making calculation element carry out following operation:
The state of the described particular state renewal of the request that receives is new authentication more, and described state more new authentication is signed by the requests verification key;
Determine that whether the described request authentication secret is corresponding to upgrading the related authentication secret of storing with described particular state; And
Corresponding to upgrading under the situation of the related authentication secret of storing, allow described particular state to upgrade in the described request authentication secret with described particular state.
20. a device comprises:
The parts that are used for the Receipt Validation key, described authentication secret comprise the identifier of father's authentication secret of described authentication secret, and described authentication secret comprises restricted part;
Whether the restricted part that is used for determining described authentication secret is corresponding to the parts of the restricted part of described father's authentication secret;
Be used to make described authentication secret to upgrade the parts that are associated with particular state; And
Be used to store the parts that upgrade related authentication secret with described particular state.
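The key-handling procedure of claims 1 to 7 and 11 (receive a key naming its parent, confirm its signature against the parent, check that its restriction part is a subset of the parent's, associate it with the state updates it may authorize, and later accept a state update certificate only if its signer is a stored key associated with that update and permitted to confirm that certificate type), as an added worked example in Python. This is not code from the patent or from Nokia; the class and function names (VerificationKey, StateUpdateCertificate, KeyStore, make_child, make_cert), the encoding of the signed fields, and all key material are constructed for the example. HMAC-SHA256 is used as a stand-in for the asymmetric signature the claims imply, which is why the verifier holds each signer's secret here.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

# Toy "signature": HMAC-SHA256 keyed with the signer's secret. This stands in for the
# asymmetric signature a real verification key would carry (constructed example).
def _sign(signer_secret: bytes, message: bytes) -> bytes:
    return hmac.new(signer_secret, message, hashlib.sha256).digest()


@dataclass(frozen=True)
class VerificationKey:
    key_id: str
    parent_id: Optional[str]        # None only for the root verification key
    pcrs: frozenset                 # restriction part: PCR indices the key may update (claim 6)
    cert_types: frozenset           # restriction part: certificate types the key may confirm (claim 11)
    secret: bytes                   # key material (constructed; not covered by the signature)
    signature: bytes = b""          # parent's signature over the fields below

    def to_bytes(self) -> bytes:
        # Canonical encoding of the signed fields, so parent and verifier hash the same bytes.
        return "|".join([self.key_id, self.parent_id or "",
                         ",".join(str(p) for p in sorted(self.pcrs)),
                         ",".join(sorted(self.cert_types))]).encode()


@dataclass(frozen=True)
class StateUpdateCertificate:
    pcr: int                # platform configuration register the update targets
    new_value: bytes        # value the PCR is expected to take after the update
    cert_type: str          # e.g. "RIM" for a reference integrity metric certificate
    signer_id: str          # identifier of the requesting verification key
    signature: bytes

    def to_bytes(self) -> bytes:
        return b"|".join([str(self.pcr).encode(), self.new_value,
                          self.cert_type.encode(), self.signer_id.encode()])


def make_child(parent: VerificationKey, key_id: str, pcrs, cert_types, secret: bytes) -> VerificationKey:
    """Issue a child key signed by the parent (the issuer side; constructed helper)."""
    unsigned = VerificationKey(key_id, parent.key_id, frozenset(pcrs), frozenset(cert_types), secret)
    return VerificationKey(key_id, parent.key_id, frozenset(pcrs), frozenset(cert_types),
                           secret, _sign(parent.secret, unsigned.to_bytes()))


def make_cert(signer: VerificationKey, pcr: int, new_value: bytes, cert_type: str) -> StateUpdateCertificate:
    unsigned = StateUpdateCertificate(pcr, new_value, cert_type, signer.key_id, b"")
    return StateUpdateCertificate(pcr, new_value, cert_type, signer.key_id,
                                  _sign(signer.secret, unsigned.to_bytes()))


class KeyStore:
    """Accepted verification keys plus, per PCR, the keys associated with updating it."""

    def __init__(self, root: VerificationKey):
        self.keys = {root.key_id: root}
        self.update_keys = {p: {root.key_id} for p in root.pcrs}

    def receive_key(self, key: VerificationKey) -> bool:
        parent = self.keys.get(key.parent_id)
        if parent is None:
            return False  # unknown parent: nothing to confirm the key against
        # Claim 2: confirm the key by checking its signature against the parent key.
        if not hmac.compare_digest(_sign(parent.secret, key.to_bytes()), key.signature):
            return False
        # Claim 3: the child's restriction part must be a subset of the parent's.
        if not (key.pcrs <= parent.pcrs and key.cert_types <= parent.cert_types):
            return False
        # Claims 1 and 5: associate the key with the state updates its restriction enables.
        self.keys[key.key_id] = key
        for p in key.pcrs:
            self.update_keys.setdefault(p, set()).add(key.key_id)
        return True

    def allow_state_update(self, cert: StateUpdateCertificate) -> bool:
        # Claim 7: the requesting key must be a stored key associated with this update.
        key = self.keys.get(cert.signer_id)
        if key is None or cert.signer_id not in self.update_keys.get(cert.pcr, set()):
            return False
        # Claim 11: the requesting key's restriction part limits the certificate types it may confirm.
        if cert.cert_type not in key.cert_types:
            return False
        return hmac.compare_digest(_sign(key.secret, cert.to_bytes()), cert.signature)


def demo() -> tuple:
    """Constructed scenario; returns the six accept/deny decisions in order."""
    root = VerificationKey("root", None, frozenset({0, 1, 2, 3}), frozenset({"RIM"}), b"root-secret")
    store = KeyStore(root)
    ok_child = make_child(root, "loader", {1, 2}, {"RIM"}, b"loader-secret")
    wide_child = make_child(root, "wide", {1, 7}, {"RIM"}, b"wide-secret")        # PCR 7 not in parent
    forged = VerificationKey("forged", "root", frozenset({1}), frozenset({"RIM"}), b"x", b"\x00" * 32)
    r1, r2, r3 = store.receive_key(ok_child), store.receive_key(wide_child), store.receive_key(forged)
    r4 = store.allow_state_update(make_cert(ok_child, 1, b"kernel-hash", "RIM"))   # allowed
    r5 = store.allow_state_update(make_cert(ok_child, 3, b"kernel-hash", "RIM"))   # PCR 3 not associated
    r6 = store.allow_state_update(make_cert(ok_child, 1, b"kernel-hash", "OTHER")) # type not permitted
    return (r1, r2, r3, r4, r5, r6)


if __name__ == "__main__":
    print(demo())
```

The subset check is what keeps delegation monotone: a child can never be granted authority over a PCR or certificate type its parent lacks, so the root key's restriction bounds everything below it. Claim 4's "matches" variant is the special case where the child's restriction equals the parent's.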
CN200980123685.6A 2008-06-23 2009-06-10 Verification key handling Active CN102067147B (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US12/214,984 US8300829B2 (en) 2008-06-23 2008-06-23 Verification key handling
US12/214,984 2008-06-23
PCT/FI2009/050489 WO2009156568A1 (en) 2008-06-23 2009-06-10 Verification key handling

Publications (2)

Publication Number Publication Date
CN102067147A true CN102067147A (en) 2011-05-18
CN102067147B CN102067147B (en) 2014-10-15

Family

ID=41431314

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200980123685.6A Active CN102067147B (en) 2008-06-23 2009-06-10 Verification key handling

Country Status (4)

Country Link
US (1) US8300829B2 (en)
EP (1) EP2308003B1 (en)
CN (1) CN102067147B (en)
WO (1) WO2009156568A1 (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101229306B1 (en) 2008-01-18 2013-02-05 인터디지탈 패튼 홀딩스, 인크 Method and apparatus for enabling machine to machine communication
JP5178341B2 (en) * 2008-06-23 2013-04-10 パナソニック株式会社 Secure boot with optional components
KR101681136B1 (en) 2009-03-06 2016-12-01 인터디지탈 패튼 홀딩스, 인크 Platform validation and management of wireless devices
KR101622447B1 (en) 2010-11-05 2016-05-31 인터디지탈 패튼 홀딩스, 인크 Device validation, distress indication, and remediation
US9135449B2 (en) * 2012-07-24 2015-09-15 Electronics And Telecommunications Research Institute Apparatus and method for managing USIM data using mobile trusted module
CN107395350B (en) * 2017-08-22 2019-12-20 深圳市文鼎创数据科技有限公司 Method and system for generating key and key handle and intelligent key safety equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5978484A (en) * 1996-04-25 1999-11-02 Microsoft Corporation System and method for safety distributing executable objects
CN1625105A (en) * 2003-12-02 2005-06-08 国际商业机器公司 Information processing apparatus, a server apparatus, a method of an information processing apparatus, a method of a server apparatus
US20050138393A1 (en) * 2003-12-22 2005-06-23 Challener David C. Determining user security level using trusted hardware device
CN1679271A (en) * 2002-08-28 2005-10-05 美国多科摩通讯研究所股份有限公司 Certificate-based encryption and public key infrastructure

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6976163B1 (en) 2000-07-12 2005-12-13 International Business Machines Corporation Methods, systems and computer program products for rule based firmware updates utilizing certificate extensions and certificates for use therein
US7337330B2 (en) 2003-03-10 2008-02-26 Cyberview Technology, Inc. Universal game download system for legacy gaming machines

Also Published As

Publication number Publication date
CN102067147B (en) 2014-10-15
EP2308003B1 (en) 2018-07-25
US8300829B2 (en) 2012-10-30
EP2308003A1 (en) 2011-04-13
WO2009156568A1 (en) 2009-12-30
US20090316908A1 (en) 2009-12-24
EP2308003A4 (en) 2011-11-23

Similar Documents

Publication Publication Date Title
KR101061332B1 (en) Apparatus and method for controlling the use of memory cards
US10097993B2 (en) Method and apparatus for remote authentication
EP2765750B1 (en) Controlling application access to mobile device functions
US20080003980A1 (en) Subsidy-controlled handset device via a sim card using asymmetric verification and method thereof
EP3787221A1 (en) Method for storing digital key and electronic device
US20050202803A1 (en) Secure interaction between downloaded application code and a smart card in a mobile communication apparatus
US10511965B2 (en) Method and system for downloading software based on mobile terminal
US8984296B1 (en) Device driver self authentication method and system
EP2736214B1 (en) Controlling application access to mobile device functions
CN102067147B (en) Verification key handling
EP3163489B1 (en) Token-based control of software installation and operation
CN104737177A (en) Method of providing a secured service
EP3796194A1 (en) Secure element for processing and authenticating digital key and operation method therefor
US20150106871A1 (en) System and method for controlling access to security engine of mobile terminal
EP2633461B1 (en) A method for accessing an application and a corresponding device
US11949779B2 (en) Method and apparatus for registering shared key
US11722307B2 (en) Electronic device for processing digital key, and operation method therefor
KR102201218B1 (en) Access control system and method to security engine of mobile terminal
CN102812470A (en) Content Binding At First Access
US20220027455A1 (en) Authorization for the loading of an application onto a security element

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C41 Transfer of patent application or patent right or utility model
TR01 Transfer of patent right

Effective date of registration: 20160215

Address after: Espoo, Finland

Patentee after: Technology Co., Ltd. of Nokia

Address before: Espoo, Finland

Patentee before: Nokia Oyj